Updated on 2023-01-09: Hitachi Energy Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control System (ICS) advisories regarding vulnerabilities in Hitachi Energy products. The flaws affect Hitachi Energy UNEM, Hitachi Energy FOXMAN-UN, and Hitachi Energy Lumada Asset Performance Management. Hitachi has addressed the vulnerabilities and urges users to update to the most current versions.
Note
- Hitachi released the updates in December, and with the holidays you probably haven’t had a chance to deploy them. Ok, let’s go. Also make sure that you’re limiting access to your control systems, monitoring for malicious activity, and for real, DO NOT expose them to the Internet. Have a conversation with your team about what their update cadence is, how they monitor for issues like this, and how access restrictions can be implemented while continuing to meet mission and service expectations. Don’t forget to ask what security model they are using; you may be surprised.
Read more in
- List of Cybersecurity Advisories and Notifications
- ICS Advisory (ICSA-23-005-01) Hitachi Energy UNEM
- ICS Advisory (ICSA-23-005-02) Hitachi Energy FOXMAN-UN
- ICS Advisory (ICSA-23-005-03) Hitachi Energy Lumada Asset Performance Management
Overview: CISA ICS Advisories on Advantech and Hitachi Products
Earlier this week, the US Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories regarding severe vulnerabilities in Advantech R-SeeNet and Hitachi Energy APM Edge appliances. The Hitachi advisory is an updated version of an advisory originally released in December 2021.
Note
- Both advisories contain the phrase “Low attack complexity.” Additionally, the R-SeeNet vulnerability is remotely exploitable. In both cases, not only should you apply the update, but also make sure that you’re only allowing access from authorized devices and users, not directly exposing these devices to the Internet or Intranet, scanning media prior to introduction and monitoring for unexpected activity.
Read more in
